Archive for the ‘cybercrime/malcode’ category: Page 161
Sep 9, 2019
An artificial-intelligence first: Voice-mimicking software reportedly used in a major theft
Posted by Saúl Morales Rodriguéz in categories: cybercrime/malcode, robotics/AI
Once the realm of science fiction, voice-mimicking software is now “well within the range of any lay criminal who’s got creativity to spare,” one cybersecurity expert said.
Sep 8, 2019
Fake PayPal Site Spreads Nemty Ransomware
Posted by Genevieve Klien in category: cybercrime/malcode
A web page pretending to offer an official application from PayPal is currently spreading a new variant of Nemty ransomware to unsuspecting users.
It appears that the operators of this file-encrypting malware are trying various distribution channels as it was recently observed as a payload from the RIG exploit kit (EK).
Sep 8, 2019
Warning Issued After Malware Is Found To Have Hijacked Bitcoin Blockchain
Posted by Genevieve Klien in categories: bitcoin, cybercrime/malcode
Bitcoin’s blockchain has been hijacked by a new strain of the Glupteba malware that uses the network to resist attacks, cyber security researchers have warned.
The malware uses the bitcoin blockchain to update, meaning it can continue running even if a device’s antivirus software blocks its connection to servers run by the hackers, security intelligence blog Trend Micro reported this week.
The Glupteba malware, first discovered in December 2018, is distributed through advertising designed to spread viruses through script and can steal an infected devices’ browsing history, website cookies, and account names and passwords with this particular variant found to be targeting file-sharing websites.
Sep 7, 2019
SECURITY: Report reveals play-by-play of first U.S. grid cyberattack — Friday, September 6, 2019 -.net
Posted by Quinn Sena in categories: cybercrime/malcode, energy
A first-of-its-kind cyberattack on the U.S. grid created blind spots at a grid control center and several small power generation sites in the western United States, according to a document posted yesterday from the North American Electric Reliability Corp.
The unprecedented cyber disruption this spring did not cause any blackouts, and none of the signal outages at the “low-impact” control center lasted for longer than five minutes, NERC said in the “Lesson Learned” document posted to the grid regulator’s website.
But the March 5 event was significant enough to spur the victim utility to report it to the Department of Energy, marking the first disruptive “cyber event” on record for the U.S. power grid (Energywire, April 30).
Sep 7, 2019
Protecting the power grid from cyber attacks
Posted by Quinn Sena in categories: business, cybercrime/malcode, education
Circa 2018
As the national power grid becomes increasingly dependent on computers and data sharing—providing significant benefits for utilities, customers, and communities—it has also become more vulnerable to both physical and cyber threats.
While evolving standards with strict enforcement help reduce risks, efforts focused on response and recovery capabilities are just as critical–as is research aimed at creating a well-defended next generation smart grid. The Daily Herd recently sat down with Michael Ahern to discuss the many challenges involved in securing the national power grid against physical and cyber attacks –both now and in the future.
Continue reading “Protecting the power grid from cyber attacks” »
Sep 6, 2019
Secretary Perry Stands Up Office for Artificial Intelligence and Technology
Posted by Omuterema Akhahenda in categories: biotech/medical, cybercrime/malcode, robotics/AI, supercomputing, sustainability
WASHINGTON, D.C.-Today, U.S. Secretary of Energy Rick Perry announced the establishment of the DOE Artificial Intelligence and Technology Office (AITO). The Secretary has established the office to serve as the coordinating hub for the work being done across the DOE enterprise in Artificial Intelligence. This action has been taken as part of the President’s call for a national AI strategy to ensure AI technologies are developed to positively impact the lives of Americans.
DOE-fueled AI is already being used to strengthen our national security and cybersecurity, improve grid resilience, increase environmental sustainability, enable smarter cities, improve water resource management, as well as speed the discovery of new materials and compounds, and further the understanding, prediction, and treatment of disease. DOE’s National Labs are home to four of the top ten fastest supercomputers in the world, and we’re currently building three next-generation, exascale machines, which will be even faster and more AI-capable computers.
“The world is in the midst of the Golden Age of AI, and DOE’s world class scientific and computing capabilities will be critical to securing America’s dominance in this field,” said Secretary Perry. “This new office housed within the Department of Energy will concentrate our existing efforts while also facilitating partnerships and access to federal data, models and high performance computing resources for America’s AI researchers. Its mission will be to elevate, accelerate and expand DOE’s transformative work to accelerate America’s progress in AI for years to come.”
Sep 6, 2019
$5.3M Ransomware Demand: Massachusetts City Says No Thanks
Posted by Genevieve Klien in category: cybercrime/malcode
After being hit by a ransomware attack, Massachusetts city New Bedford faced a payout demand of more than $5 million – one of the largest known ransoms ever.
After a ransomware attack slapped a hefty payout demand of $5.3 million on New Bedford, Mass., the city announced that it is instead opting to pick up the pieces and restore what it can from backups itself.
If the city had opted to pay, the payout would have been the largest known ransom payout for an attack yet.
Sep 5, 2019
New technology allows software components to be isolated from each other with little computation
Posted by Saúl Morales Rodriguéz in categories: cybercrime/malcode, encryption, internet
Safeguarding passwords, credit card numbers or cryptographic keys in computer programs will require less computational work in the future. Researchers at the Max Planck Institute for Software Systems in Kaiserslautern and Saarbrücken have come up with a new technology called ERIM to isolate software components from each other. This allows sensitive data to be protected from hackers when the data is processed by online services, for example. The new method has three to five times less computational overhead than the previous best isolation technology, making it more practical for online services to use the technology. This was reason enough for USENIX, a US-American computing systems association, and Facebook to award their 2019 Internet Defense Prize to the researchers.
Computer programs are like a fortress. Just as a fortress is protected by thick walls, moats and iron gates, firewalls and other security technologies prevent cyber criminals from maliciously exploiting software apps. And just as one poorly guarded gate or a supposedly secret escape tunnel may allow besiegers to capture a castle, all hackers need is a small security gap to gain access to all components of a software. In the worst case, they can then get their hands on the data that grants them access to user accounts or even allow them to make credit card payments. For example, the Heartbleed bug in the widely used OpenSSL encryption software made user names and passwords of various online services and programs vulnerable to hackers.
Sep 2, 2019
Police hijack a botnet and remotely kill 850,000 malware infections
Posted by Quinn Sena in categories: cryptocurrencies, cybercrime/malcode
In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers.
The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other malicious code, like spyware or ransomware. The malware also has wormable properties, allowing it to spread from computer to computer.
Since its first appearance, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America.